Examples with SecurityCollection org.apache.catalina.deploy.SecurityCollection used on opensource projects

Search in sources :

Example 6 with SecurityCollection

use of org.apache.catalina.deploy.SecurityCollection in project tomcat70 by apache.

the class TestNonLoginAndBasicAuthenticator method setUpLogin.

private void setUpLogin() throws Exception {
    // No file system docBase required
    basicContext = tomcat.addContext(CONTEXT_PATH_LOGIN, null);
    basicContext.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
    // Add protected servlet to the context
    Tomcat.addServlet(basicContext, "TesterServlet3", new TesterServlet());
    basicContext.addServletMapping(URI_PROTECTED, "TesterServlet3");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    basicContext.addConstraint(sc);
    // Add unprotected servlet to the context
    Tomcat.addServlet(basicContext, "TesterServlet4", new TesterServlet());
    basicContext.addServletMapping(URI_PUBLIC, "TesterServlet4");
    SecurityCollection collection2 = new SecurityCollection();
    collection2.addPattern(URI_PUBLIC);
    SecurityConstraint sc2 = new SecurityConstraint();
    // do not add a role - which signals access permitted without one
    sc2.addCollection(collection2);
    basicContext.addConstraint(sc2);
    // Configure the authenticator and inherit the Realm from Engine
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    basicContext.setLoginConfig(lc);
    AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
    basicContext.getPipeline().addValve(basicAuthenticator);
}
Also used : LoginConfig(org.apache.catalina.deploy.LoginConfig) TesterServlet(org.apache.catalina.startup.TesterServlet) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 7 with SecurityCollection

use of org.apache.catalina.deploy.SecurityCollection in project tomcat70 by apache.

the class TestRestCsrfPreventionFilter2 method setUpApplication.

private void setUpApplication() throws Exception {
    context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
    context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
    Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
    context.addServletMapping(URI_PROTECTED, SERVLET_NAME);
    FilterDef filterDef = new FilterDef();
    filterDef.setFilterName(FILTER_NAME);
    filterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
    filterDef.addInitParameter(FILTER_INIT_PARAM, REMOVE_CUSTOMER + "," + ADD_CUSTOMER);
    context.addFilterDef(filterDef);
    FilterMap filterMap = new FilterMap();
    filterMap.setFilterName(FILTER_NAME);
    filterMap.addURLPattern(URI_CSRF_PROTECTED);
    context.addFilterMap(filterMap);
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    context.addConstraint(sc);
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod(METHOD);
    context.setLoginConfig(lc);
    AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
    context.getPipeline().addValve(basicAuthenticator);
}
Also used : AuthenticatorBase(org.apache.catalina.authenticator.AuthenticatorBase) FilterDef(org.apache.catalina.deploy.FilterDef) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) LoginConfig(org.apache.catalina.deploy.LoginConfig) FilterMap(org.apache.catalina.deploy.FilterMap) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 8 with SecurityCollection

use of org.apache.catalina.deploy.SecurityCollection in project tomcat70 by apache.

the class TestSSOnonLoginAndBasicAuthenticator method setUpLogin.

private void setUpLogin() throws Exception {
    // No file system docBase required
    basicContext = tomcat.addContext(CONTEXT_PATH_LOGIN, null);
    basicContext.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
    // Add protected servlet to the context
    Tomcat.addServlet(basicContext, "TesterServlet3", new TesterServletEncodeUrl());
    basicContext.addServletMapping(URI_PROTECTED, "TesterServlet3");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    basicContext.addConstraint(sc);
    // Add unprotected servlet to the context
    Tomcat.addServlet(basicContext, "TesterServlet4", new TesterServletEncodeUrl());
    basicContext.addServletMapping(URI_PUBLIC, "TesterServlet4");
    SecurityCollection collection2 = new SecurityCollection();
    collection2.addPattern(URI_PUBLIC);
    SecurityConstraint sc2 = new SecurityConstraint();
    // do not add a role - which signals access permitted without one
    sc2.addCollection(collection2);
    basicContext.addConstraint(sc2);
    // Configure the authenticator and inherit the Realm from Engine
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("BASIC");
    basicContext.setLoginConfig(lc);
    AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
    basicContext.getPipeline().addValve(basicAuthenticator);
}
Also used : TesterServletEncodeUrl(org.apache.catalina.startup.TesterServletEncodeUrl) LoginConfig(org.apache.catalina.deploy.LoginConfig) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 9 with SecurityCollection

use of org.apache.catalina.deploy.SecurityCollection in project tomcat70 by apache.

the class TestSSOnonLoginAndDigestAuthenticator method setUpDigest.

private void setUpDigest(Tomcat tomcat) throws Exception {
    // No file system docBase required
    Context ctxt = tomcat.addContext(CONTEXT_PATH_DIGEST, null);
    ctxt.setSessionTimeout(SHORT_TIMEOUT_SECS);
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet3", new TesterServlet());
    ctxt.addServletMapping(URI_PROTECTED, "TesterServlet3");
    SecurityCollection collection = new SecurityCollection();
    collection.addPattern(URI_PROTECTED);
    SecurityConstraint sc = new SecurityConstraint();
    sc.addAuthRole(ROLE);
    sc.addCollection(collection);
    ctxt.addConstraint(sc);
    // Configure the appropriate authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("DIGEST");
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new DigestAuthenticator());
}
Also used : Context(org.apache.catalina.Context) LoginConfig(org.apache.catalina.deploy.LoginConfig) TesterServlet(org.apache.catalina.startup.TesterServlet) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Example 10 with SecurityCollection

use of org.apache.catalina.deploy.SecurityCollection in project tomcat70 by apache.

the class TestSSOnonLoginAndDigestAuthenticator method setUpNonLogin.

private void setUpNonLogin(Tomcat tomcat) throws Exception {
    // No file system docBase required
    Context ctxt = tomcat.addContext(CONTEXT_PATH_NOLOGIN, null);
    ctxt.setSessionTimeout(LONG_TIMEOUT_SECS);
    // Add protected servlet
    Tomcat.addServlet(ctxt, "TesterServlet1", new TesterServlet());
    ctxt.addServletMapping(URI_PROTECTED, "TesterServlet1");
    SecurityCollection collection1 = new SecurityCollection();
    collection1.addPattern(URI_PROTECTED);
    SecurityConstraint sc1 = new SecurityConstraint();
    sc1.addAuthRole(ROLE);
    sc1.addCollection(collection1);
    ctxt.addConstraint(sc1);
    // Add unprotected servlet
    Tomcat.addServlet(ctxt, "TesterServlet2", new TesterServlet());
    ctxt.addServletMapping(URI_PUBLIC, "TesterServlet2");
    SecurityCollection collection2 = new SecurityCollection();
    collection2.addPattern(URI_PUBLIC);
    SecurityConstraint sc2 = new SecurityConstraint();
    // do not add a role - which signals access permitted without one
    sc2.addCollection(collection2);
    ctxt.addConstraint(sc2);
    // Configure the appropriate authenticator
    LoginConfig lc = new LoginConfig();
    lc.setAuthMethod("NONE");
    ctxt.setLoginConfig(lc);
    ctxt.getPipeline().addValve(new NonLoginAuthenticator());
}
Also used : Context(org.apache.catalina.Context) LoginConfig(org.apache.catalina.deploy.LoginConfig) TesterServlet(org.apache.catalina.startup.TesterServlet) SecurityConstraint(org.apache.catalina.deploy.SecurityConstraint) SecurityCollection(org.apache.catalina.deploy.SecurityCollection)

Aggregations

SecurityCollection (org.apache.catalina.deploy.SecurityCollection)19 SecurityConstraint (org.apache.catalina.deploy.SecurityConstraint)19 LoginConfig (org.apache.catalina.deploy.LoginConfig)11 Context (org.apache.catalina.Context)9 TesterServlet (org.apache.catalina.startup.TesterServlet)5 Tomcat (org.apache.catalina.startup.Tomcat)5 Test (org.junit.Test)4 AuthenticatorBase (org.apache.catalina.authenticator.AuthenticatorBase)3 ClientEndpointConfig (javax.websocket.ClientEndpointConfig)2 DefaultServlet (org.apache.catalina.servlets.DefaultServlet)2 MapRealm (org.apache.catalina.startup.TestTomcat.MapRealm)2 TesterServletEncodeUrl (org.apache.catalina.startup.TesterServletEncodeUrl)2 TesterContext (org.apache.tomcat.unittest.TesterContext)2 File (java.io.File)1 IOException (java.io.IOException)1 URISyntaxException (java.net.URISyntaxException)1 UnknownHostException (java.net.UnknownHostException)1 KeyManagementException (java.security.KeyManagementException)1 KeyStore (java.security.KeyStore)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial